From fbee5d3ab73f9ecb0b79ee8cbd0a72016c3faff4 Mon Sep 17 00:00:00 2001 From: Anant Aneja <1797669+aaneja@users.noreply.github.com> Date: Tue, 7 Jan 2025 18:49:29 +0530 Subject: [PATCH] Force MySQL connection to use TLSv1.2 Newer versions of JDK have TLS 1.0 and 1.1 disabled by default. The JDK 8 version we were using was never updated to a newer one, so it continued to use these TLS versions The right fix is to update ConnectorJ (mysql-connector-java) and the MySQL versions we use 8.x. This should fix the defaults to sane TLS values. For now, we force TLSv1.2 to maintain parity with how we ran tests before. Disabling SSL/TLS with `useSSL=false` is also a valid setup for this test Refs - https://community.streamsets.com/common-issues-47/mysql-jdbc-error-javax-net-ssl-sslhandshakeexception-no-appropriate-protocol-112 https://bugs.openjdk.org/browse/JDK-8256490 --- presto-product-tests/conf/presto/etc/catalog/mysql.properties | 2 +- .../src/main/resources/tempto-configuration.yaml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/presto-product-tests/conf/presto/etc/catalog/mysql.properties b/presto-product-tests/conf/presto/etc/catalog/mysql.properties index bb6b444c91d09..475c1d6dc1146 100644 --- a/presto-product-tests/conf/presto/etc/catalog/mysql.properties +++ b/presto-product-tests/conf/presto/etc/catalog/mysql.properties @@ -1,4 +1,4 @@ connector.name=mysql -connection-url=jdbc:mysql://mysql:13306 +connection-url=jdbc:mysql://mysql:13306?enabledTLSProtocols=TLSv1.2 connection-user=root connection-password=swarm diff --git a/presto-product-tests/src/main/resources/tempto-configuration.yaml b/presto-product-tests/src/main/resources/tempto-configuration.yaml index 1c9762fec85b6..2b55eeadf5cc4 100644 --- a/presto-product-tests/src/main/resources/tempto-configuration.yaml +++ b/presto-product-tests/src/main/resources/tempto-configuration.yaml @@ -82,7 +82,7 @@ databases: mysql: jdbc_driver_class: com.mysql.jdbc.Driver - jdbc_url: jdbc:mysql://mysql:13306/test + jdbc_url: jdbc:mysql://mysql:13306/test?enabledTLSProtocols=TLSv1.2 jdbc_user: root jdbc_password: swarm jdbc_pooling: true